-
Notifications
You must be signed in to change notification settings - Fork 795
Accounts, Keys, Seeds, and Wallet Identifiers
There are several things that can have a similar form but may have very different functions, and mixing them up can result in loss of funds.
Wallet Id: This is used in several RPC actions and command line options for the node. It is a purely local UUID that is a reference to a block of data about a specific wallet (set of seed/private keys/info about them) in your node's local database file. The reason this is necessary is because we want to store information about each account in a wallet: whether it's been used, what its account is so we don't have to generate it every time, its balance, etc. Also, so we can hold ad hoc accounts, which are accounts that are not derived from the seed. This identifier is only useful in conjunction with your node's database file and will not recover funds if that databse is lost or corrupted. This is the value that you get back when using the wallet_create etc RPC commands, and what the node expects for RPC commands with a "wallet" field as input.
Seed: This is a series of 32 random bytes of data, usually represented as a 64 character, uppercase hexadecimal string (0-9A-F). This value is used to derive private keys for accounts by combining it with an index and then putting that into a hash function (PrivK[i] = blake2b(dkLen = 32, input = seed || i) where || means concatentaion)
Private Key: This is also a 32 byte value, usually represented as a 64 character, uppercase hexadecimal string(0-9A-F). It can either be random (an ad-hoc key) or derived from a seed, as described above. This is what represents control of a specific account on the ledger. If you know or can know the private key of someone's account, you can transact as if you own that account.
Public Key: This is also a 32 byte value, usually represented as a 64 character, upper case hexadecimal string (0-9A-F). It is derived from a private key by using the ed25519 curve using blake2b as the hash function instead of sha. Usually public keys will not be passed around in this form, however.
Account number/identifier: This is what you think of as someone's Nano address: it's a 64 character string that starts with "xrb_", then has 52 characters which are the public key but encoded with a specific base32 encoding algorithm to prevent buman transcription errors by limiting ambiguity between different characters (no O and 0 for example). Then the final 8 characters are a checksum of the public key to aid in discovering typos, also encoded with the same base32 scheme.